angr 9.2.152__py3-none-macosx_11_0_arm64.whl → 9.2.154__py3-none-macosx_11_0_arm64.whl

angr/analyses/stack_pointer_tracker.py

@@ -17,6 +17,7 @@ from angr.knowledge_plugins import Function
 from angr.block import BlockNode
 from angr.errors import SimTranslationError
 from angr.calling_conventions import SimStackArg
+from angr.utils.types import dereference_simtype_by_lib
 
 from .analysis import Analysis
 
@@ -812,10 +813,15 @@ class StackPointerTracker(Analysis, ForwardAnalysis):
                         if v is BOTTOM:
                             incremented = BOTTOM
                         elif callee.prototype is not None:
+                            proto = (
+                                dereference_simtype_by_lib(callee.prototype, callee.prototype_libname)
+                                if callee.prototype_libname
+                                else callee.prototype
+                            )
                             num_stack_args = len(
                                 [
                                     arg_loc
-                                    for arg_loc in callee.calling_convention.arg_locs(callee.prototype)
+                                    for arg_loc in callee.calling_convention.arg_locs(proto)
                                     if isinstance(arg_loc, SimStackArg)
                                 ]
                             )

angr/analyses/typehoon/simple_solver.py

@@ -2,6 +2,7 @@
 from __future__ import annotations
 import enum
 from collections import defaultdict
+from contextlib import suppress
 import logging
 
 import networkx
@@ -51,23 +52,6 @@ from .dfa import DFAConstraintSolver, EmptyEpsilonNFAError
 _l = logging.getLogger(__name__)
 
 
-PRIMITIVE_TYPES = {
-    TopType(),
-    Int(),
-    Int8(),
-    Int16(),
-    Int32(),
-    Int64(),
-    Pointer32(),
-    Pointer64(),
-    BottomType(),
-    Struct(),
-    Array(),
-    Float(),
-    Float32(),
-    Float64(),
-}
-
 Top_ = TopType()
 Int_ = Int()
 Int64_ = Int64()
@@ -83,6 +67,25 @@ Float_ = Float()
 Float32_ = Float32()
 Float64_ = Float64()
 
+
+PRIMITIVE_TYPES = {
+    Top_,
+    Int_,
+    Int8_,
+    Int16_,
+    Int32_,
+    Int64_,
+    Pointer32_,
+    Pointer64_,
+    Bottom_,
+    Struct_,
+    Array_,
+    Float_,
+    Float32_,
+    Float64_,
+}
+
+
 # lattice for 64-bit binaries
 BASE_LATTICE_64 = networkx.DiGraph()
 BASE_LATTICE_64.add_edge(Top_, Int_)
@@ -149,6 +152,24 @@ class SketchNode(SketchNodeBase):
     def __hash__(self):
         return hash((SketchNode, self.typevar))
 
+    @property
+    def size(self) -> int | None:
+        """
+        Best-effort estimation of the size of the typevar (in bits). Returns None if we cannot determine.
+        """
+
+        if isinstance(self.typevar, DerivedTypeVariable):
+            last_label = self.typevar.labels[-1]
+            if isinstance(last_label, HasField) and last_label.bits != MAX_POINTSTO_BITS:
+                return last_label.bits
+        if isinstance(self.lower_bound, TypeConstant) and not isinstance(self.lower_bound, (TopType, BottomType)):
+            with suppress(NotImplementedError):
+                return self.lower_bound.size * 8
+        if isinstance(self.upper_bound, TypeConstant) and not isinstance(self.upper_bound, (TopType, BottomType)):
+            with suppress(NotImplementedError):
+                return self.upper_bound.size * 8
+        return None
+
 
 class RecursiveRefNode(SketchNodeBase):
     """
@@ -433,9 +454,8 @@ class SimpleSolver:
             if isinstance(tv, TypeVariable) and isinstance(sol, TypeConstant):
                 self.solution[tv] = sol
 
-        equ_classes, sketches, _ = self.solve()
         self._solution_cache = {}
-        self.determine(equ_classes, sketches, self.solution)
+        self.solve()
         for typevar in list(self._constraints):
             self._convert_arrays(self._constraints[typevar])
 
@@ -448,6 +468,11 @@ class SimpleSolver:
         - Build the constraint graph
         - Collect all constraints
         - Apply constraints to derive the lower and upper bounds
+        - Determine a solution for type variables with constraints
+        - Rewrite the constraint graph by replacing determined type variables with their solutions
+        - Solve repeatedly until all interesting type variables have solutions
+
+        By repeatedly solving until exhausting interesting type variables, we ensure the S-Trans rule is applied.
         """
 
         prem_typevars = set(self._constraints) | self._typevars
@@ -476,11 +501,7 @@ class SimpleSolver:
                     elif isinstance(t, TypeVariable) and t in typevars:
                         constrained_typevars.add(t)
 
-        equivalence_classes, sketches = self.infer_shapes(typevars, constraints)
-        # TODO: Handle global variables
-
-        type_schemes = constraints
-
+        _, sketches = self.infer_shapes(typevars, constraints)
         constraintset2tvs = defaultdict(set)
         for idx, tv in enumerate(constrained_typevars):
             _l.debug("Collecting constraints for type variable %r (%d/%d)", tv, idx + 1, len(constrained_typevars))
@@ -490,20 +511,43 @@ class SimpleSolver:
 
         for idx, (constraint_subset, tvs) in enumerate(constraintset2tvs.items()):
             _l.debug(
-                "Solving %d constraints for type variables %r (%d/%d)",
+                "Solving %d constraints for %d type variables %r (%d/%d)",
                 len(constraint_subset),
+                len(tvs),
                 tvs,
                 idx + 1,
                 len(constraintset2tvs),
             )
-            base_constraint_graph = self._generate_constraint_graph(constraint_subset, tvs | PRIMITIVE_TYPES)
-            for idx_0, tv in enumerate(tvs):
-                _l.debug("Solving for type variable %r (%d/%d)", tv, idx_0 + 1, len(tvs))
-                primitive_constraints = self._generate_primitive_constraints({tv}, base_constraint_graph)
+
+            while True:
+                base_constraint_graph = self._generate_constraint_graph(constraint_subset, tvs | PRIMITIVE_TYPES)
+                primitive_constraints = self._generate_primitive_constraints(tvs, base_constraint_graph)
+                tvs_with_primitive_constraints = set()
                 for primitive_constraint in primitive_constraints:
+                    tv = self._typevar_from_primitive_constraint(primitive_constraint)
+                    tvs_with_primitive_constraints.add(tv)
+                    assert tv is not None, f"Cannot find type variable in primitive constraint {primitive_constraint}"
                     sketches[tv].add_constraint(primitive_constraint)
-
-        return equivalence_classes, sketches, type_schemes
+                solutions = {}
+                self.determine(sketches, tvs_with_primitive_constraints, solutions)
+                _l.debug("Determined solutions for %d type variable(s).", len(tvs_with_primitive_constraints))
+                if not solutions:
+                    break
+
+                self.solution |= solutions
+
+                tvs = {tv for tv in tvs if tv not in tvs_with_primitive_constraints}
+                if not tvs:
+                    break
+                # rewrite existing constraints
+                new_constraint_subset = set()
+                for constraint in constraint_subset:
+                    rewritten = self._rewrite_constraint(constraint, solutions)
+                    new_constraint_subset.add(rewritten)
+                constraint_subset = new_constraint_subset
+
+        # set the solution for missing type vars to TOP
+        self.determine(sketches, set(sketches).difference(set(self.solution)), self.solution)
 
     def infer_shapes(
         self, typevars: set[TypeVariable], constraints: set[TypeConstraint]
@@ -593,7 +637,6 @@ class SimpleSolver:
         non_primitive_endpoints: set[TypeVariable | DerivedTypeVariable],
         constraint_graph,
     ) -> set[TypeConstraint]:
-        # FIXME: Extract interesting variables
         constraints_0 = self._solve_constraints_between(constraint_graph, non_primitive_endpoints, PRIMITIVE_TYPES)
         constraints_1 = self._solve_constraints_between(constraint_graph, PRIMITIVE_TYPES, non_primitive_endpoints)
         return constraints_0 | constraints_1
@@ -612,6 +655,25 @@ class SimpleSolver:
             # TODO: Other types of constraints?
         return typevars
 
+    @staticmethod
+    def _typevar_from_primitive_constraint(constraint: TypeConstraint) -> TypeVariable | None:
+        if isinstance(constraint, Subtype):
+            if (
+                isinstance(constraint.sub_type, DerivedTypeVariable)
+                and type(constraint.sub_type.type_var) is TypeVariable
+            ):
+                return constraint.sub_type.type_var
+            if type(constraint.sub_type) is TypeVariable:
+                return constraint.sub_type
+            if (
+                isinstance(constraint.super_type, DerivedTypeVariable)
+                and type(constraint.super_type.type_var) is TypeVariable
+            ):
+                return constraint.super_type.type_var
+            if type(constraint.super_type) is TypeVariable:
+                return constraint.super_type
+        return None
+
     @staticmethod
     def _get_all_paths(
         graph: networkx.DiGraph,
@@ -825,7 +887,6 @@ class SimpleSolver:
         """
 
         graph = networkx.DiGraph()
-        constraints = self._get_transitive_subtype_constraints(constraints)
         for constraint in constraints:
             if isinstance(constraint, Subtype):
                 self._constraint_graph_add_edges(
@@ -836,33 +897,6 @@ class SimpleSolver:
         self._constraint_graph_recall_forget_split(graph)
         return graph
 
-    @staticmethod
-    def _get_transitive_subtype_constraints(constraints: set[TypeConstraint]) -> set[TypeConstraint]:
-        """
-        Apply the S-Trans rule: a <: b, b <: c => a <: c
-        """
-        tv2supertypes = defaultdict(set)
-        for constraint in constraints:
-            if isinstance(constraint, Subtype):
-                tv2supertypes[constraint.sub_type].add(constraint.super_type)
-
-        new_constraints = set()
-        while True:
-            changed = False
-            for subtype, supertypes in tv2supertypes.items():
-                supertypes_copy = set(supertypes)
-                for supertype in supertypes_copy:
-                    if supertype in tv2supertypes:
-                        for supertype_ in tv2supertypes[supertype]:
-                            if supertype_ not in supertypes_copy:
-                                changed = True
-                                supertypes.add(supertype_)
-                                new_constraints.add(Subtype(subtype, supertype_))
-            if not changed:
-                break
-
-        return constraints | new_constraints
-
     @staticmethod
     def _constraint_graph_add_recall_edges(graph: networkx.DiGraph, node: ConstraintGraphNode) -> None:
         while True:
@@ -1004,12 +1038,7 @@ class SimpleSolver:
         if typevar in typevar_set:
             return True
         if isinstance(typevar, Struct) and Struct_ in typevar_set:
-            if not typevar.fields:
-                return True
-            return all(
-                SimpleSolver._typevar_inside_set(field_typevar, typevar_set)
-                for field_typevar in typevar.fields.values()
-            )
+            return True
         if isinstance(typevar, Array) and Array_ in typevar_set:
             return SimpleSolver._typevar_inside_set(typevar.element, typevar_set)
         if isinstance(typevar, Pointer) and (Pointer32_ in typevar_set or Pointer64_ in typevar_set):
@@ -1110,31 +1139,47 @@ class SimpleSolver:
             return Pointer64()
         return t
 
+    @staticmethod
+    def _rewrite_constraint(constraint: TypeConstraint, solutions: dict) -> TypeConstraint:
+        if isinstance(constraint, Subtype):
+            replaced = False
+            if isinstance(constraint.sub_type, TypeVariable) and constraint.sub_type in solutions:
+                sub_type = solutions[constraint.sub_type]
+                replaced = True
+            else:
+                sub_type = constraint.sub_type
+            if isinstance(constraint.super_type, TypeVariable) and constraint.super_type in solutions:
+                super_type = solutions[constraint.super_type]
+                replaced = True
+            else:
+                super_type = constraint.super_type
+            return Subtype(sub_type, super_type) if replaced else constraint
+        return constraint
+
     def determine(
         self,
-        equivalent_classes: dict[TypeVariable, TypeVariable],
         sketches,
+        tvs,
         solution: dict,
         nodes: set[SketchNode] | None = None,
     ) -> None:
         """
         Determine C-like types from sketches.
 
-        :param equivalent_classes:  A dictionary mapping each type variable from its representative in the equivalence
-                                    class over ~.
         :param sketches:            A dictionary storing sketches for each type variable.
         :param solution:            The dictionary storing C-like types for each type variable. Output.
         :param nodes:               Optional. Nodes that should be considered in the sketch.
         :return:                    None
         """
-        for typevar, sketch in sketches.items():
-            self._determine(equivalent_classes, typevar, sketch, solution, nodes=nodes)
 
-        for v, e in self._equivalence.items():
-            if v not in solution and e in solution:
-                solution[v] = solution[e]
+        for typevar in tvs:
+            self._determine(typevar, sketches[typevar], solution, nodes=nodes)
+
+        for v, eq in self._equivalence.items():
+            if v not in solution and eq in solution:
+                solution[v] = solution[eq]
 
-    def _determine(self, equivalent_classes, the_typevar, sketch, solution: dict, nodes: set[SketchNode] | None = None):
+    def _determine(self, the_typevar, sketch, solution: dict, nodes: set[SketchNode] | None = None):
         """
         Return the solution from sketches
         """
@@ -1194,7 +1239,7 @@ class SimpleSolver:
             for vals, out in [(func_inputs, input_args), (func_outputs, output_values)]:
                 for idx in range(max(vals) + 1):
                     if idx in vals:
-                        sol = self._determine(equivalent_classes, the_typevar, sketch, solution, nodes=vals[idx])
+                        sol = self._determine(the_typevar, sketch, solution, nodes=vals[idx])
                         out.append(sol)
                     else:
                         out.append(None)
@@ -1290,7 +1335,7 @@ class SimpleSolver:
                 offset = sorted_offsets[i]
 
                 child_nodes = node_by_offset[offset]
-                sol = self._determine(equivalent_classes, the_typevar, sketch, solution, nodes=child_nodes)
+                sol = self._determine(the_typevar, sketch, solution, nodes=child_nodes)
                 if isinstance(sol, TopType):
                     # make it an array if possible
                     elem_size = min(offset_to_sizes[offset])
@@ -1323,12 +1368,20 @@ class SimpleSolver:
             lower_bound = Bottom_
             upper_bound = Top_
 
+            node_sizes = set()
             for node in nodes:
-                lower_bound = self.join(lower_bound, node.lower_bound)
-                upper_bound = self.meet(upper_bound, node.upper_bound)
-                # TODO: Support variables that are accessed via differently sized pointers
+                node_size = node.size
+                if node_size is not None:
+                    node_sizes.add(node_size)
+            if len(node_sizes) > 1:
+                # multi-sized reads - cannot converge to a reasonable type
+                result = Bottom_
+            else:
+                for node in nodes:
+                    lower_bound = self.join(lower_bound, node.lower_bound)
+                    upper_bound = self.meet(upper_bound, node.upper_bound)
+                result = lower_bound if not isinstance(lower_bound, BottomType) else upper_bound
 
-            result = lower_bound if not isinstance(lower_bound, BottomType) else upper_bound
             for node in nodes:
                 solution[node.typevar] = result
                 self._solution_cache[node.typevar] = result
@@ -1386,3 +1439,12 @@ class SimpleSolver:
         if self.bits == 64:
             return Pointer64
         raise NotImplementedError(f"Unsupported bits {self.bits}")
+
+    @staticmethod
+    def dump_constraint_graph(graph: networkx.DiGraph, filename: str) -> None:
+        """
+        Dump the constraint graph to a file.
+        """
+        from networkx.drawing.nx_agraph import write_dot  # pylint:disable=import-outside-toplevel
+
+        write_dot(graph, filename)

angr/analyses/typehoon/typehoon.py

@@ -100,7 +100,8 @@ class Typehoon(Analysis):
                     and not isinstance(type_.pts_to, SimTypeArray)
                 ):
                     type_ = type_.pts_to
-                type_candidates.append(type_)
+                if type_ is not None:
+                    type_candidates.append(type_)
 
             # determine the best type - this logic can be made better!
             if not type_candidates:

angr/analyses/variable_recovery/engine_ail.py

@@ -9,10 +9,10 @@ import claripy
 from unique_log_filter import UniqueLogFilter
 
 from angr.engines.light.engine import SimEngineNostmtAIL
-from angr.procedures import SIM_LIBRARIES, SIM_TYPE_COLLECTIONS
-from angr.sim_type import SimTypeFunction, dereference_simtype
+from angr.sim_type import SimTypeFunction
 from angr.analyses.typehoon import typeconsts, typevars
 from angr.analyses.typehoon.lifter import TypeLifter
+from angr.utils.types import dereference_simtype_by_lib
 from .engine_base import SimEngineVRBase, RichR
 
 if TYPE_CHECKING:
@@ -190,17 +190,11 @@ class SimEngineVRAIL(
 
         if prototype is not None and args:
             # add type constraints
-
-            type_collections = []
-            if prototype_libname is not None:
-                for prototype_lib in SIM_LIBRARIES[prototype_libname]:
-                    if prototype_lib.type_collection_names:
-                        for typelib_name in prototype_lib.type_collection_names:
-                            type_collections.append(SIM_TYPE_COLLECTIONS[typelib_name])
-
             for arg, arg_type in zip(args, prototype.args):
                 if arg.typevar is not None:
-                    arg_type = dereference_simtype(arg_type, type_collections).with_arch(arg_type._arch)
+                    arg_type = (
+                        dereference_simtype_by_lib(arg_type, prototype_libname) if prototype_libname else arg_type
+                    )
                     arg_ty = TypeLifter(self.arch.bits).lift(arg_type)
                     type_constraint = typevars.Subtype(arg.typevar, arg_ty)
                     self.state.add_type_constraint(type_constraint)
@@ -209,7 +203,7 @@ class SimEngineVRAIL(
 
     def _handle_stmt_Call(self, stmt):
         target = stmt.target
-        args = []
+        args: list[RichR] = []
         if stmt.args:
             for arg in stmt.args:
                 self._reference_spoffset = True
@@ -283,22 +277,17 @@ class SimEngineVRAIL(
 
         if prototype is not None and args:
             # add type constraints
-
-            type_collections = []
-            if prototype_libname is not None:
-                for prototype_lib in SIM_LIBRARIES[prototype_libname]:
-                    if prototype_lib.type_collection_names:
-                        for typelib_name in prototype_lib.type_collection_names:
-                            type_collections.append(SIM_TYPE_COLLECTIONS[typelib_name])
-
             for arg, arg_type in zip(args, prototype.args):
                 if arg.typevar is not None:
-                    arg_type = dereference_simtype(arg_type, type_collections).with_arch(arg_type._arch)
+                    arg_type = (
+                        dereference_simtype_by_lib(arg_type, prototype_libname) if prototype_libname else arg_type
+                    )
                     arg_ty = TypeLifter(self.arch.bits).lift(arg_type)
-                    if isinstance(arg_ty, typevars.TypeConstraint) and isinstance(arg.typevar, typevars.TypeConstraint):
-                        continue
-                    type_constraint = typevars.Subtype(arg.typevar, arg_ty)
-                    self.state.add_type_constraint(type_constraint)
+                    if arg.typevar is not None and isinstance(
+                        arg_ty, (typeconsts.TypeConstant, typevars.TypeVariable, typevars.DerivedTypeVariable)
+                    ):
+                        type_constraint = typevars.Subtype(arg.typevar, arg_ty)
+                        self.state.add_type_constraint(type_constraint)
 
     def _handle_stmt_Return(self, stmt):
         if stmt.ret_exprs:

angr/analyses/variable_recovery/engine_base.py

@@ -47,7 +47,7 @@ class RichR(Generic[RichRT_co]):
     ):
         self.data = data
         self.variable = variable
-        self.typevar = typevar
+        self.typevar: typeconsts.TypeConstant | typevars.TypeVariable | None = typevar
         self.type_constraints = type_constraints
 
     @property

angr/knowledge_plugins/functions/function.py

@@ -127,7 +127,7 @@ class Function(Serializable):
         self._retout_sites: set[BlockNode] = set()
         # block nodes (basic block nodes) at whose ends the function terminates
         # in theory, if everything works fine, endpoints == ret_sites | jumpout_sites | callout_sites
-        self._endpoints = defaultdict(set)
+        self._endpoints: defaultdict[str, set[BlockNode]] = defaultdict(set)
 
         self._call_sites = {}
         self.addr = addr
@@ -1358,7 +1358,7 @@ class Function(Serializable):
             return
 
         graph = self.transition_graph
-        end_addresses = defaultdict(list)
+        end_addresses: defaultdict[int, list[BlockNode]] = defaultdict(list)
 
         for block in self.nodes:
             if isinstance(block, BlockNode):
@@ -1456,7 +1456,13 @@ class Function(Serializable):
                     )
                 else:
                     # We gotta create a new one
-                    l.error("normalize(): Please report it to Fish/maybe john.")
+                    l.error("normalize(): Please report it to Fish.")
+
+                # update endpoints
+                for sortset in self._endpoints.values():
+                    if n in sortset:
+                        sortset.remove(n)
+                        sortset.add(smallest_node)
 
             end_addresses[end_addr] = [smallest_node]
 
@@ -1680,7 +1686,7 @@ class Function(Serializable):
         n = separator
         if must_disambiguate_by_addr:
             n += hex(self.addr) + separator
-        elif self.binary is not self.project.loader.main_object:
+        elif self.binary is not self.project.loader.main_object and self.binary_name is not None:
             n += self.binary_name + separator
         return n + (display_name or self.name)
 

angr/sim_type.py

@@ -7,7 +7,7 @@ import re
 import logging
 from collections import OrderedDict, defaultdict, ChainMap
 from collections.abc import Iterable
-from typing import Literal, Any, TYPE_CHECKING, cast, overload
+from typing import Literal, Any, cast, overload
 
 from archinfo import Endness, Arch
 import claripy
@@ -17,12 +17,9 @@ import cxxheaderparser.types
 import pycparser
 from pycparser import c_ast
 
-from angr.errors import AngrMissingTypeError, AngrTypeError
+from angr.errors import AngrTypeError
 from angr.sim_state import SimState
 
-if TYPE_CHECKING:
-    from angr.procedures.definitions import SimTypeCollection
-
 StoreType = int | claripy.ast.BV
 
 l = logging.getLogger(name=__name__)
@@ -324,7 +321,7 @@ class SimTypeReg(SimType):
         with contextlib.suppress(AttributeError):
             value = value.ast  # type: ignore
         if isinstance(value, claripy.ast.Bits):  # pylint:disable=isinstance-second-argument-not-valid-type
-            if value.size() != self.size:
+            if value.size() != self.size:  # type: ignore
                 raise ValueError("size of expression is wrong size for type")
         elif isinstance(value, int):
             value = claripy.BVV(value, self.size)
@@ -383,7 +380,7 @@ class SimTypeNum(SimType):
         store_endness = state.arch.memory_endness
 
         if isinstance(value, claripy.ast.Bits):  # pylint:disable=isinstance-second-argument-not-valid-type
-            if value.size() != self.size:
+            if value.size() != self.size:  # type: ignore
                 raise ValueError("size of expression is wrong size for type")
         elif isinstance(value, int) and self.size is not None:
             value = claripy.BVV(value, self.size)
@@ -505,7 +502,12 @@ class SimTypeFixedSizeInt(SimTypeInt):
     _fixed_size: int = 32
 
     def c_repr(
-        self, name=None, full=0, memo=None, indent=0, name_parens: bool = True  # pylint:disable=unused-argument
+        self,
+        name=None,
+        full=0,
+        memo=None,
+        indent: int | None = 0,
+        name_parens: bool = True,  # pylint:disable=unused-argument
     ):
         out = self._base_name
         if not self.signed:
@@ -1653,7 +1655,7 @@ class SimUnion(NamedTypeMixin, SimType):
     def size(self):
         if self._arch is None:
             raise ValueError("Can't tell my size without an arch!")
-        member_sizes = [ty.size for ty in self.members.values() if not isinstance(ty, SimTypeBottom)]
+        member_sizes: list[int] = [ty.size for ty in self.members.values() if not isinstance(ty, SimTypeBottom)]
         # fall back to word size in case all members are SimTypeBottom
         return max(member_sizes) if member_sizes else self._arch.bytes
 
@@ -3652,67 +3654,6 @@ def parse_cpp_file(cpp_decl, with_param_names: bool = False):
     return func_decls, {}
 
 
-def dereference_simtype(
-    t: SimType, type_collections: list[SimTypeCollection], memo: dict[str, SimType] | None = None
-) -> SimType:
-    if memo is None:
-        memo = {}
-
-    if isinstance(t, SimTypeRef):
-        real_type = None
-
-        if t.name in memo:
-            return memo[t.name]
-
-        if type_collections and t.name is not None:
-            for tc in type_collections:
-                try:
-                    real_type = tc.get(t.name)
-                    break
-                except AngrMissingTypeError:
-                    continue
-        if real_type is None:
-            raise AngrMissingTypeError(f"Missing type {t.name}")
-        return dereference_simtype(real_type, type_collections, memo=memo)
-
-    # the following code prepares a real_type SimType object that will be returned at the end of this method
-    if isinstance(t, SimStruct):
-        if t.name in memo:
-            return memo[t.name]
-
-        real_type = t.copy()
-        if not t.anonymous:
-            memo[t.name] = real_type
-        fields = OrderedDict((k, dereference_simtype(v, type_collections, memo=memo)) for k, v in t.fields.items())
-        real_type.fields = fields
-    elif isinstance(t, SimTypePointer):
-        real_pts_to = dereference_simtype(t.pts_to, type_collections, memo=memo)
-        real_type = t.copy()
-        real_type.pts_to = real_pts_to
-    elif isinstance(t, SimTypeArray):
-        real_elem_type = dereference_simtype(t.elem_type, type_collections, memo=memo)
-        real_type = t.copy()
-        real_type.elem_type = real_elem_type
-    elif isinstance(t, SimUnion):
-        real_members = {k: dereference_simtype(v, type_collections, memo=memo) for k, v in t.members.items()}
-        real_type = t.copy()
-        real_type.members = real_members
-    elif isinstance(t, SimTypeFunction):
-        real_args = [dereference_simtype(arg, type_collections, memo=memo) for arg in t.args]
-        real_return_type = (
-            dereference_simtype(t.returnty, type_collections, memo=memo) if t.returnty is not None else None
-        )
-        real_type = t.copy()
-        real_type.args = tuple(real_args)
-        real_type.returnty = real_return_type
-    else:
-        return t
-
-    if t._arch is not None:
-        real_type = real_type.with_arch(t._arch)
-    return real_type
-
-
 if pycparser is not None:
     _accepts_scope_stack()